Method and system for mitigating traffic congestions in a communication network

ABSTRACT

A method for mitigating traffic congestions in a communication network uses concatenated data packets to transmit information between terminals, e.g., edge proxies, of the network. Embodiments of the invention are directed to packet communications over military or commercial networks. In one application, the method is implemented in a network using High Assurance Internet Protocol Encryption (HAIPE).

CROSS-REFERENCE TO RELATED APPLICATIONS

This application claims benefit of U.S. provisional patent application Ser. No. 60/853,219, filed Oct. 20, 2006, which is herein incorporated by reference.

FIELD OF THE INVENTION

The present invention generally relates to the field of communication networks and, in particular, to a method for mitigating traffic congestions in a communication network.

BACKGROUND OF THE INVENTION

Communication networks may experience traffic congestion events. During such events, performance of data, voice, or video communications degrades and may fall below acceptable levels. In particular, traffic congestions are more likely to occur in military and commercial networks using data encryption techniques.

FIG. 1 depicts an exemplary conventional datagram 100 that may be used for transmitting encrypted information in an Internet Protocol (IP) based communication system. The datagram 100 includes an encryption overhead block 110 and a packet 120 having an IP header 122 and a payload 124. The encryption overhead block 110 generally includes an IP header 112, an encryption header 114, and an encryption trailer 116.

Encryption techniques commonly produce large amounts of overhead that significantly increases the traffic load in a network. For example, in the datagram 100, a bit length of the encryption overhead block 110 may exceed by more than two times a bit length of the packet 120. Correspondingly, limited bandwidths of the respective networks may prevent use of effective encryption techniques that tend to generate large overhead traffic.

Therefore, despite the considerable effort in the art devoted to avoidance or mitigation of traffic congestions in communication networks, further improvements would be desirable.

SUMMARY OF THE INVENTION

Embodiments of the present invention are generally directed to packet communications over military or commercial communication networks.

One aspect of the invention provides a method for exchanging information using data packets that are concatenated to form integrated datagrams. When transmitted information is encrypted, each integrated datagram includes an encryption protocol-specific overhead block.

Another aspect of the present invention provides a method for transmitting information in an Internet Protocol (IP) based communication network. In one embodiment, the method includes the steps of identifying data packets having a common interim destination terminal, e.g., edge proxy of the network, concatenating such data packets to form one or more integrated datagrams, and exchanging the integrated datagrams between transmitting and receiving terminals of the network.

Yet another aspect of the present invention provides a method for mitigating traffic congestion in a communication network having at least two edge proxies and using High Assurance Internet Protocol Encryption (HAIPE). In one embodiment, the method includes the steps of generating data packets having a header and a payload containing a portion of the information. The data packets are concatenated to form integrated datagrams, each such datagram having an encryption protocol-specific overhead block. The integrated datagrams are exchanged between transmitting and receiving edge proxies of the network. A number of the data packets in an integrated datagram is dynamically defined based on assessment of a plurality of pre-determined parameters, including a traffic load, a type of a content of the concatenated data packets, probability of a loss of the data packets, and a Differentiated Services Code Point (DSCP) value.

Still another aspect of the present invention is a communication network using the inventive method.

Various other aspects and embodiments of the invention are described in further detail below.

The Summary is neither intended nor should it be construed as being representative of the full extent and scope of the present invention, which these and additional aspects will become more readily apparent from the detailed description, particularly when taken together with the appended drawings.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a schematic diagram of a conventional datagram for transmitting encrypted information in an IP-based network.

FIG. 2 is a flow diagram illustrating a method of mitigating traffic congestions in a communication network in accordance with one embodiment of the present invention.

FIG. 3 is a schematic diagram of an integrated datagram formed in accordance with the method of FIG. 2.

FIG. 4 is a high-level, schematic diagram of an exemplary communication network using the method of FIG. 2.

To facilitate understanding, identical reference numerals have been used, where possible, to designate identical elements that are common to the figures. The images in the drawings are simplified for illustrative purposes and are not depicted to scale.

The appended drawings illustrate exemplary embodiments of the invention and, as such, should not be considered as limiting the scope of the invention that may admit to other equally effective embodiments. It is contemplated that features or steps of one embodiment may beneficially be incorporated in other embodiments without further recitation.

DETAILED DESCRIPTION

Referring to the figures, FIG. 2 depicts a flow diagram illustrating a method 200 of mitigating traffic congestions in a communication network in accordance with one embodiment of the present invention, and FIG. 3 depicts a schematic diagram of an integrated datagram 300 formed in accordance with the method 200. To best understand the invention, the reader is suggested to refer to FIGS. 2-3 simultaneously.

In various embodiments, method steps of the method 200 are performed in the depicted order or at least two of these steps or portions thereof may be performed contemporaneously, in parallel, or in a different order. For example, portions of steps 220 and 230 or steps 260 and 270 may be performed contemporaneously or in parallel. Those skilled in the art will readily appreciate that the order of executing at least a portion of other discussed below processes or routines may also be modified.

Hereafter, aspects of the present invention are illustratively described within the context of IP-based communication networks and, in particular communication networks where information (for example, voice, video, or alphanumerical data) is transmitted in an encrypted format. These networks may comprise wireless, wired, or fiber-optic communication links. It has been contemplated and is within the scope of the present invention that the method 200 may also be utilized within the context of other types of communication networks that are adapted for exchanging digitized information.

At step 210, data packets 120 (shown in FIG. 3) addressed to the same interim destination, i.e., same receiving terminal, are identified and accumulated at a transmitting terminal of a communication network. In one embodiment, the transmitting and receiving terminals are edge proxies of the respective network. Each edge proxy may further be coupled to a plurality of client devices or one or more local area networks (LANs).

Referring to FIG. 3, each data packet 120 includes the IP header 122 and payload 124. The payload 124 may contain digitized voice, alphanumerical data, or video information. Collectively, such information is referred to herein as “data.”

At step 220, at least two data packets 120, which are addressed to the same receiving terminal, are concatenated to form a data block 302 (shown in FIG. 3). A number N of the concatenated data packets 120_(1)-120_(N) is determined based on pre-determined traffic conditions and, in some embodiments, is determined substantially in a real time, or dynamically.

For example, the number of the concatenated data packets 120_(1)-120_(N) in the data block 302 may be determined based on settings for at least one parameter characterizing: (i) traffic load in a transmission path between the transmitting and receiving terminals, (ii) type of a content of the payloads 124, i.e., voice, alphanumerical data, or video content, (iii) level of precedence of the data packets 120, and (iv) a Quality of Service (QoS) benchmark.

Applicable attributes of the QoS benchmark include packet delay, packet loss ratio, short and long term jitters, packet retransmission ratio, and the like. A degree of compliance with particular QoS requirements may be assessed using parameters P_(E), P_(C), and P_(V) corresponding, respectively, to portions of packet transmissions that exceed, conform to, or violate pre-determined quality thresholds. Typically, the parameters P_(E), P_(C), and P_(V) are expressed in percents, and P_(E) + P_(C) + P_(V) = 100%.

Alternatively, or additionally, in some networks (for example, tactical military networks), the number and type of the concatenated packets 120 is based on a Differentiated Services Code Point (DSCP) value V_(DSCP) of these packets. Typically, the DSCP value is selectively assigned to the data packets 120 in accordance with a level of precedence of their payloads 124. Correspondingly, the data block 302 is assigned a level of precedence that is equal to a highest such level among the component data packets 120 of the data block.

At step 230, contents of the payloads 124 of the concatenated data packets 120_(1)-120_(N) of the data block 302 are encrypted using a respective encryption protocol. In some embodiments, the contents are encrypted using High Assurance Internet Protocol Encryption (HAIPE) or an IP Security (IPSec) protocol, among other encryption protocols.

Data encryption generates an overhead block 310 including a header 312 (for example, IP header) and at least one of an encryption protocol-specific header 314 or an encryption protocol-specific trailer 316. Together, the data block 302 and the encryption overhead block 310 form an integrated datagram 300.

It should be noted that, in the method 100, only one overhead block 310 is needed for transmitting a plurality of N data packets 120 encoded in compliance with a respective encryption protocol. Typically, the integrated datagram 300 is assigned a level of precedence that is equal to the highest one among the component data packets 120 of the data block 302. In some embodiments, when data encryption is not used, the overhead block 310 comprises only the header 312.

At step 240, the integrated datagram 300 is transmitted from a transmitting terminal to a receiving terminal of the network 400 (see FIG. 4) at the interim destination of the concatenated data packets 120. For example, in the depicted embodiment, the integrated datagram 300 is illustratively transmitted from an edge proxy 424_(A) to an edge proxy 424_(B) (see FIG. 4).

At step 250, at the receiving terminal of the network, the integrated datagram 300 is de-encrypted, and the data block 302 is separated from the encryption overhead block 310.

At step 260, the data block 302 is de-concatenated, i.e., the data packets 120_(1)-120_(N) are separated from one another.

At step 270, the data packets 120_(1)-120_(N) are forwarded to their respective recipient(s), i.e., one or more client devices coupled to the receiving terminal (for example, the edge proxy 424_(B)) of the network.
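
The following is an added example, not part of the patent text: a Python sketch of steps 220 and 260 that concatenates IPv4 data packets into a data block and, at the receiving terminal, splits the block again by walking each packet's own Total Length field, rejecting any length that does not fit. The 60-byte overhead size, the sample addresses, the use of Total Length as the packet boundary, the rule that a numerically higher DSCP value means higher precedence, and all function names are assumptions; encryption (step 230) is omitted.

```python
import socket
import struct

# Assumed size in bytes of overhead block 310 (header 312 plus encryption
# header 314 / trailer 316). Constructed value; the page gives no sizes.
OVERHEAD_BYTES = 60
IPV4_MIN_HEADER = 20


def make_packet(dscp, payload, src="192.0.2.10", dst="198.51.100.20"):
    """Build a constructed IPv4 data packet 120: header 122 + payload 124."""
    header = struct.pack(
        "!BBHHHBBH4s4s",
        (4 << 4) | 5,                     # version 4, IHL 5 (20-byte header)
        dscp << 2,                        # DSCP is the top 6 bits of the TOS byte
        IPV4_MIN_HEADER + len(payload),   # Total Length
        0, 0,                             # identification, flags/fragment offset
        64, 17,                           # TTL, protocol (UDP)
        0,                                # checksum left at zero in this sample
        socket.inet_aton(src), socket.inet_aton(dst),
    )
    return header + payload


def dscp_of(packet):
    """Read the DSCP value back out of a packet's IP header."""
    return packet[1] >> 2


def concatenate(packets):
    """Step 220: join packets into data block 302 and pick its precedence.

    Assumption: a numerically higher DSCP value is a higher precedence.
    """
    if len(packets) < 2:
        raise ValueError("a data block needs at least two data packets")
    return b"".join(packets), max(dscp_of(p) for p in packets)


def deconcatenate(block):
    """Step 260: split data block 302, validating every length field."""
    packets, offset = [], 0
    while offset < len(block):
        if len(block) - offset < IPV4_MIN_HEADER:
            raise ValueError(f"truncated header at offset {offset}")
        version_ihl = block[offset]
        header_len = (version_ihl & 0x0F) * 4
        (total_len,) = struct.unpack_from("!H", block, offset + 2)
        if version_ihl >> 4 != 4 or header_len < IPV4_MIN_HEADER:
            raise ValueError(f"bad IPv4 header at offset {offset}")
        if total_len < header_len or offset + total_len > len(block):
            raise ValueError(f"bad Total Length {total_len} at offset {offset}")
        packets.append(block[offset:offset + total_len])
        offset += total_len
    return packets


def wire_bytes(packets):
    """Bytes sent with one overhead block per packet vs. one per datagram."""
    separate = sum(len(p) + OVERHEAD_BYTES for p in packets)
    block, _ = concatenate(packets)
    return separate, len(block) + OVERHEAD_BYTES


if __name__ == "__main__":
    # Constructed sample: two voice packets (DSCP 46) and one data packet.
    sample = [make_packet(46, b"v" * 20), make_packet(46, b"v" * 20),
              make_packet(0, b"d" * 100)]
    block, precedence = concatenate(sample)
    assert deconcatenate(block) == sample
    print("datagram DSCP:", precedence)
    print("bytes (separate, integrated):", wire_bytes(sample))
```

The receiving side trusts nothing in the block beyond what it has bounds-checked, so a truncated datagram or a corrupted length field fails the whole block instead of misaligning every packet that follows it.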

FIG. 4 is a high-level, schematic diagram of an exemplary communication network 400 using the method 100 of FIG. 2. Illustratively, the network 400 comprises a network core 410 and a plurality of network edges 420 (network edges 420A and 420B are shown).

In the depicted embodiment, each network edge 420 includes an encryption module 422 and an edge proxy 424 coupled to respective client devices 430. The encryption module 422 may be realized as a software module, a hardware device, or a combination thereof. In some embodiments, the encryption module 422 is a portion of the edge proxy 424. The client devices 430 may be connected to the edge proxy 424 directly (as shown) or via a local area network (LAN).

In operation, using interfaces 421, the edge proxies 424 exchange packetized messages between each other or with external networks (not shown). When these messages are transferred within the network 400, i.e., between the network edges 420, to mitigate traffic congestion in a transmission path between the respective network edges, such messages may be transmitted as one or more integrated datagrams 300 (discussed above in reference to FIGS. 2-3).

In one embodiment, the edge proxy 424 comprises a timer 426 (denoted in FIG. 4 as “T”) that may be used for determining the number N of concatenated data packets 120 of the integrated datagram 300. Settings of the timer 426 correspond to time intervals allocated for identifying, selecting, or concatenating the data packets 120 for a particular integrated datagram 300. Duration of such time intervals is generally based on the content of the payloads and the traffic conditions in the transmission path between the transmitting and receiving edge proxies.

As traffic congestion increases, more data packets 120 are concatenated in the data block 302 and, as such, a bit length of the integrated datagram 300 increases to mitigate the traffic load in the network 400. Nominal values of the settings for the timer 426 depend on severity of the experienced traffic congestions and typically are in a range from about 1 to 100 msec. In one embodiment, the timer 426 is assigned settings M1-M6 that are summarized in Table 1 below, wherein M2>M1, M4>M3, and M6>M5.

TABLE 1

SETTING OF EDGE PROXY TIMER | PACKET PAYLOAD CONTENT | LEVEL OF TRAFFIC CONGESTION
M1 | Voice | Low
M2 | Voice | High
M3 | Data | Low
M4 | Data | High
M5 | Video | Low
M6 | Video | High

In a further embodiment, alternatively or additionally, particular types of data packets 120 are concatenated based on severity of the traffic conditions, values of components P_(C) and P_(V) of the QoS benchmark, and the DSCP value V_(DSCP) of the data packets 120, as summarized below in Table 2. For purpose of brevity, the terms “Voice packets,” “Data packets,” and “Video packets” are used in the Table 2 in reference to the content of the payloads 124 of the respective data packets 120.

TABLE 2

TRAFFIC CONDITIONS | LEVEL OF CONGESTION | STRUCTURE OF PAYLOAD OF INTEGRATED DATAGRAM
P_(C) + P_(V) > P₁ | 1 | Voice packets having same V_(DSCP). Edge Proxy Timer setting is M1.
P_(C) + P_(V) > P₂ | 2 | Voice packets regardless of V_(DSCP). Edge Proxy Timer setting is M2.
P_(C) + P_(V) > P₃ | 3 | Video and Data packets having same V_(DSCP). Edge Proxy Timer setting is M3 for Data packets and M5 for Video packets.
P_(C) + P_(V) > P₄ | 4 | Voice and Data packets regardless of V_(DSCP). Edge Proxy Timer setting is M4 for Data packets and M6 for Video packets.
P_(C) + P_(V) > P₅ | 5 | Voice, Data, and Video packets regardless of V_(DSCP).

In yet another embodiment, alternatively or additionally, particular types of the data packets 120 are concatenated based on admission control requirements in the network 400. Some networks (for example, military networks), in an attempt to assure delivery of messages having higher levels of precedence LP, may tolerate delays in delivery of less important messages, or, occasionally, even a loss of such messages. In this embodiment, at any given time, the integrated datagrams 300 are formed using the data packets 120 that are in compliance with particular admission rules. Exemplary admission rules are summarized in Table 3, wherein LP₁<LP₂, P_(V1) and P_(V2) are pre-determined constants, and P_(V2)>P_(V1):

TABLE 3

TRAFFIC CONDITIONS | STRUCTURE OF INTEGRATED DATAGRAM
P_(V) > P_(V1) | Data packets having precedence LP ≧ LP₁. Data packets having precedence MP < MP₁ are delayed or dropped.
P_(V) > P_(V2) | Data packets having precedence LP ≧ LP₂. Data packets having precedence MP < MP₂ are delayed or dropped.

Although the invention herein has been described with reference to particular illustrative embodiments, it is to be understood that these embodiments are merely illustrative of the principles and applications of the present invention. Therefore numerous modifications may be made to the illustrative embodiments and other arrangements may be devised without departing from the spirit and scope of the present invention, which is defined by the appended claims.

1. A method of exchanging information, comprising: (a) identifying data packets having a common interim destination, each data packet including a header and a payload containing at least a portion of the information; (b) concatenating the data packets to form an integrated datagram; and (c) exchanging the information using at least one integrated datagram.

2. The method of claim 1, wherein the information is digitized data, voice data, video data, or a combination thereof.

3. The method of claim 1, wherein the step (b) further comprises: determining a number of the concatenated data packets in the integrated datagram based on pre-determined settings for at least one of: a traffic load in a transmission path between a source and a recipient of the information; a type of content (voice, video, or alphanumerical data) of payloads of the data packets; a Quality of Service (QoS) benchmark; a Differentiated services Code Point (DSCP) value; and network admission control requirements.

4. The method of claim 1, wherein the step (b) further comprises: assigning to the integrated datagram a level of precedence equal to a highest level of precedence among the concatenated data packets.

5. The method of claim 1, wherein the step (b) further comprises: exchanging the information using an Internet Protocol (IP) based wireless, wired, or fiber-optic communication network.

6. The method of claim 1, wherein the step (b) further comprises: encrypting the data packets; and including in the integrated datagram an encryption protocol-specific overhead block.

7. The method of claim 1, wherein the step (c) further comprises: separating payloads of the concatenated datagrams in a received integrated datagram.

8. A communication network using the method of claim 1.

9. A method of transmitting information in an Internet Protocol (IP) based communication network, comprising: at a transmitting terminal of the network: (a) identifying data packets having a common interim destination, each data packet including a header and a payload containing at least a portion of the information; (b) concatenating data packets to form an integrated datagram; (c) transmitting the integrated datagram; and (d) repeating the steps (a)-(c) until the information is transmitted; and at a receiving terminal of the network: (e) separating concatenated data packets in a received integrated datagram; and (f) selectively forwarding the separated data packets to intended recipients.

10. The method of claim 9, wherein the information is digitized data, voice data, video data, or a combination thereof.

11. The method of claim 9, wherein the network is a wireless, wired, or fiber-optic communication network.

12. The method of claim 9, wherein the network is in compliance with at least one data encryption protocol.

13. The method of claim 9, wherein at least one of the transmitting and receiving terminals is an edge proxy of the network.

14. The method of claim 9, wherein the step (b) further comprises: encrypting the concatenated data packets; and including an encryption protocol-specific overhead block in the integrated datagram.

15. The method of claim 14, further comprising: encrypting the concatenated data packets in compliance with High Assurance Internet Protocol Encryption (HAIPE) or an IP Security (IPSec) protocol.

16. The method of claim 9, wherein the step (b) further comprises: determining a number of the concatenated data packets in the integrated datagram based on pre-determined settings for at least one of: a traffic load in a transmission path between the transmitting and receiving terminals; a type of content (voice, video, or alphanumerical data) of payloads of the data packets; a Quality of Service (QoS) benchmark; a Differentiated services Code Point (DSCP) value; and network admission control requirements.

17. The method of claim 16, further comprising: determining the number of the concatenated data packets in the integrated datagram substantially in a real time.

18. The method of claim 9, wherein the step (b) further comprises: concatenating the data packets having a pre-determined level of precedence.

19. The method of claim 9, wherein the step (b) further comprises: assigning to the integrated datagram a level of precedence equal to a highest level of precedence among the concatenated data packets.

20. The method of claim 9, wherein the step (e) further comprises: de-encrypting the data packets.

21. A communication network using the method of claim 9.

22. A method for mitigating traffic congestions in a wireless communication network having at least two edge proxies and using High Assurance Internet Protocol Encryption (HAIPE), the method comprising: at a transmitting edge proxy: (a) identifying data packets having a common interim destination, each data packet including a header and a payload; (b) concatenating data packets; (c) encrypting the concatenated data packets using the HAIPE; (d) forming an integrated datagram including the encrypted concatenated data packets and an encryption protocol-specific overhead block; (e) transmitting the integrated datagram; and (f) repeating the steps (a)-(d) until intended information is transmitted; and at a receiving edge proxy: (g) separating concatenated data packets in received integrated datagrams; and (h) selectively forwarding the separated data packets to recipients of the information.

23. The method of claim 22, wherein the information is digitized data, voice data, video data, or a combination thereof.

24. The method of claim 22, wherein the step (b) further comprises: determining a number of the concatenated data packets in the integrated datagram based on pre-determined settings for at least one of: a traffic load in a transmission path between the transmitting and receiving edge proxies; a type of content (voice, video, or alphanumerical data) of payloads of the data packets; a Quality of Service (QoS) benchmark; a Differentiated services Code Point (DSCP) value; and network admission control requirements.

25. The method of claim 23, further comprising: determining the number of the concatenated data packets in the integrated datagram substantially in a real time.

26. The method of claim 22, wherein the step (b) further comprises: concatenating the data packets having a pre-determined level of precedence.

27. The method of claim 22, wherein the step (b) further comprises: assigning to the integrated datagram a level of precedence equal to a highest level of precedence among the concatenated data packets.

28. The method of claim 22, wherein the step (g) further comprises: de-encrypting the data packets.

29. A communication network using the method of claim 22.

30. A computer readable medium storing software that, when executed, causes a communication network to perform a method of exchanging information, comprising: (a) identifying data packets having a common interim destination, each data packet including a header and a payload containing at least a portion of the information; (b) concatenating the data packets to form an integrated datagram; and (c) exchanging the information using at least one integrated datagram.

31. The computer readable medium of claim 30, wherein the step (b) further comprises: encrypting the data packets; and including in the integrated datagram an encryption protocol-specific overhead block.

32. A computer readable medium storing software that, when executed, causes a communication network to perform a method of transmitting information, comprising: at a transmitting terminal of the network: (a) identifying data packets having a common interim destination, each data packet including a header and a payload containing at least a portion of the information; (b) concatenating data packets to form an integrated datagram; (c) transmitting the integrated datagram; and (d) repeating the steps (a)-(c) until the information is transmitted; and at a receiving terminal of the network: (e) separating concatenated data packets in a received integrated datagram; and (f) selectively forwarding the separated data packets to intended recipients.

33. The computer readable medium of claim 32, wherein the network is an Internet Protocol (IP) based wireless, wired, or fiber-optic communication network.

34. The computer readable medium of claim 32, wherein at least one of the transmitting and receiving terminals is an edge proxy of the network.

35. The computer readable medium of claim 32, wherein the step (b) further comprises: encrypting the information; and including in the integrated datagram encryption protocol-specific overhead block.

36. The computer readable medium of claim 32, wherein the step (e) further comprises: de-encrypting the data packets.

37. The computer readable medium of claim 32, wherein the step (b) further comprises: determining a number of the concatenated data packets in the integrated datagram based on pre-determined settings for at least one of: a traffic load in a transmission path between the transmitting and receiving terminals; a type of content (voice, video, or alphanumerical data) of payloads of the data packets; a Quality of Service (QoS) benchmark; a Differentiated services Code Point (DSCP) value; and network admission control requirements.

38. The computer readable medium of claim 32, wherein the step (b) further comprises: concatenating the data packets having a pre-determined level of precedence.

39. The method of claim 32 wherein the step (b) further comprises: assigning to the integrated datagram a level of precedence equal to a highest level of precedence among the concatenated data packets.

40. An Internet Protocol (IP) based communication network, comprising: a network core; and at least two network edge proxies, each edge proxy adapted for: (a) identifying data packets having a common interim destination, each data packet including a header and a payload; (b) concatenating data packets; (c) encrypting the concatenated data packets using a pre-determined encryption protocol; (d) forming an integrated datagram including the encrypted concatenated data packets and an encryption protocol-specific overhead block; (e) transmitting the integrated datagram; (f) repeating the steps (a)-(d) until intended information is transmitted; and (g) separating concatenated data packets in received integrated datagrams; and (h) selectively forwarding the separated data packets to recipients of the information.

41. The network of claim 40, wherein the pre-determined encryption protocol is High Assurance Internet Protocol Encryption (HAIPE) or an IP Security (IPSec) protocol.

42. The network of claim 40, wherein the network is a wireless, wired, or fiber-optic communication network.